Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
File: 06d20303-8537-47c7-bd75-8dea01488a0a.roa (raw, json)
Hash identifier: MfebERYCtUeNwzqHri6jb93ksXMRxWn6kJKQzPthAks=
Subject key identifier: 60:A8:DF:8C:DF:6C:55:24:50:88:C1:9B:E9:A0:F4:96:87:D9:61:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 571A72F5E670D837BE971477B2052730F2A1D02F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:1a:72:f5:e6:70:d8:37:be:97:14:77:b2:05:27:30:f2:a1:d0:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ad:b4:79:15:51:70:32:90:da:29:98:0c:7b:
ed:e6:0c:f6:bb:2d:87:31:a6:9b:71:c5:35:1f:b4:
6c:6c:00:97:30:94:b2:11:cd:50:86:d4:27:23:6f:
fc:e0:df:7a:f3:95:d7:8a:93:0f:30:a8:dd:ec:6b:
e8:4b:d7:b5:9f:99:83:e1:0f:83:47:6c:51:7a:1e:
68:4a:e7:d3:b3:29:3e:54:c5:ef:29:d9:26:02:26:
58:b8:11:22:ce:2b:b3:e5:29:78:13:1e:cf:90:aa:
3b:83:40:e7:1e:39:d2:b7:20:98:0c:3b:d3:6f:ae:
3a:0a:d9:42:ce:02:7f:af:6c:c0:4b:f0:09:64:1f:
f4:96:2e:2c:fa:03:f9:ca:9a:f7:11:2f:e0:f9:77:
d0:b0:9c:63:74:62:d5:89:15:22:95:ce:20:41:54:
4a:83:9f:c0:76:a2:94:13:40:3e:01:16:02:c7:df:
fb:a8:07:35:e2:7a:39:95:a6:e5:76:ec:c3:d8:d4:
22:5b:07:e3:7a:11:7e:b6:fe:25:3a:23:10:6e:9a:
79:74:f8:2f:5b:c3:af:23:79:75:15:a4:20:d2:86:
6a:ae:ae:b0:5a:35:8f:ac:d2:b5:59:a6:8d:81:26:
c0:2f:03:80:8f:5f:31:fa:2e:b7:8f:93:a2:7a:63:
b0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A8:DF:8C:DF:6C:55:24:50:88:C1:9B:E9:A0:F4:96:87:D9:61:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/06d20303-8537-47c7-bd75-8dea01488a0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/24
Signature Algorithm: sha256WithRSAEncryption
61:50:21:42:06:94:b2:61:7a:33:42:f0:a4:c9:8a:61:b6:c9:
79:00:dd:0a:43:c8:72:f2:a9:41:41:a7:f9:bd:e1:4e:cb:59:
9f:01:58:a8:10:41:04:70:87:24:51:d6:dd:6b:ef:eb:52:88:
b2:bc:ca:30:b6:13:5b:c1:61:0d:4c:7b:3e:05:ff:d7:3f:1c:
37:50:ac:03:d0:c1:0e:56:46:9c:6b:95:61:12:23:12:ee:22:
ec:50:0d:7a:28:84:7d:b2:58:89:9e:d5:ea:9d:55:6d:50:98:
12:8d:da:35:7a:ff:09:5e:e0:b7:63:16:f3:63:2a:af:2a:15:
ef:22:04:09:eb:8d:0e:9e:71:9a:63:f8:7d:95:be:c7:4a:65:
59:6a:05:39:7b:a3:9b:1b:ee:6b:75:12:77:ef:f5:29:21:38:
9a:bb:cd:77:90:4f:73:e6:86:8b:a3:6d:82:92:1a:3a:16:3d:
80:fa:53:3d:f8:91:4d:66:72:fe:ef:49:61:8c:ad:32:ef:9e:
85:99:31:04:68:75:f3:b6:1c:71:1d:d1:7d:bb:f5:23:35:95:
a8:62:d7:e3:66:85:fa:34:e4:4f:cd:6c:47:96:84:75:39:2b:
6f:15:7b:5f:86:9e:e2:b8:66:98:e2:14:04:5a:3a:f2:89:85:
c4:69:f7:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVxpy9eZw2De+lxR3sgUnMPKh0C8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMWQzZGI1MGIwMzE3Y2UzMTEzNWRjMTc5YzU3ZmY0YTliYTFkOTdiZjIz
MWZjNTdkZDZmYjgwYjMzMmY1NjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKittHkVUXAykNopmAx77eYM9rsthzGmm3HFNR+0bGwAlzCUshHNUIbUJyNv
/ODfevOV14qTDzCo3exr6EvXtZ+Zg+EPg0dsUXoeaErn07MpPlTF7ynZJgImWLgR
Is4rs+UpeBMez5CqO4NA5x450rcgmAw702+uOgrZQs4Cf69swEvwCWQf9JYuLPoD
+cqa9xEv4Pl30LCcY3Ri1YkVIpXOIEFUSoOfwHailBNAPgEWAsff+6gHNeJ6OZWm
5Xbsw9jUIlsH43oRfrb+JTojEG6aeXT4L1vDryN5dRWkINKGaq6usFo1j6zStVmm
jYEmwC8DgI9fMfout4+TonpjsFsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRgqN+M
32xVJFCIwZvpoPSWh9lhQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDZkMjAzMDMtODUzNy00N2M3LWJkNzUtOGRlYTAxNDg4YTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAYVAhQgaUsmF6M0LwpMmKYbbJeQDdCkPIcvKpQUGn
+b3hTstZnwFYqBBBBHCHJFHW3Wvv61KIsrzKMLYTW8FhDUx7PgX/1z8cN1CsA9DB
DlZGnGuVYRIjEu4i7FANeiiEfbJYiZ7V6p1VbVCYEo3aNXr/CV7gt2MW82MqryoV
7yIECeuNDp5xmmP4fZW+x0plWWoFOXujmxvua3USd+/1KSE4mrvNd5BPc+aGi6Nt
gpIaOhY9gPpTPfiRTWZy/u9JYYytMu+ehZkxBGh187YccR3Rfbv1IzWVqGLX42aF
+jTkT81sR5aEdTkrbxV7X4ae4rhmmOIUBFo68omFxGn36w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:17:20 2025 by rpki-client